aboutsummaryrefslogtreecommitdiff
path: root/sys/security/mac
Commit message (Expand)AuthorAgeFilesLines
* kern: mac: add a prison_cleanup entry pointKyle Evans2026-02-142-0/+6
* jail(3): fix common usage after mac.label supportKyle Evans2026-01-201-6/+2
* kern: add a mac.label jail parameterKyle Evans2026-01-162-0/+164
* kern: mac: pull mac_label_copyin_string outKyle Evans2026-01-161-18/+30
* mac_set_fd(3): add support for jail descriptorsKyle Evans2026-01-164-2/+78
* kern: mac: add various jail MAC hooksKyle Evans2026-01-163-0/+124
* mac: add macros for 5-argument SDT probesKyle Evans2026-01-161-5/+13
* kern: mac: add a MAC label to struct prisonKyle Evans2026-01-165-0/+180
* MAC: Rename mac_cred_create_swapper to mac_cred_create_kproc0John Baldwin2025-12-043-5/+5
* MAC: Use the current thread's user ABI to determine the layout of struct macJohn Baldwin2025-11-242-28/+6
* MAC: Use proper prototype for SYSINIT functionsZhenlei Huang2025-10-131-2/+2
* mac: Remove uses of DEBUG_VFS_LOCKSMark Johnston2025-08-032-2/+2
* New setcred() system call and associated MAC hooksOlivier Certner2024-12-163-2/+61
* MAC: syscalls: mac_label_copyin(): 32-bit compatibilityOlivier Certner2024-12-162-6/+51
* MAC: syscalls: Split mac_set_proc() into reusable piecesOlivier Certner2024-12-162-20/+128
* MAC: syscalls: Factor out common label copy-in codeOlivier Certner2024-12-161-118/+83
* MAC: mac_policy.h: Declare common MAC sysctl and jail parameters' nodesOlivier Certner2024-12-162-7/+15
* MAC: Define a common 'mac' node for MAC's jail parametersOlivier Certner2024-12-161-0/+6
* MAC: 'kernel_mac_support' module: Make an outdated comment more genericOlivier Certner2024-12-161-1/+1
* MAC: improve handling of listening socketsMichael Tuexen2024-09-262-6/+14
* MAC: improve consistency in error handlingMichael Tuexen2024-09-261-0/+1
* sys: Automated cleanup of cdefs and other formattingWarner Losh2023-11-272-2/+0
* Remove gratuitous copyouts of unchanged struct mac.Brooks Davis2023-11-134-9/+10
* sys: Remove $FreeBSD$: one-line .c patternWarner Losh2023-08-1619-38/+0
* sys: Remove $FreeBSD$: two-line .h patternWarner Losh2023-08-163-6/+0
* mac_ipacl: new MAC policy module to limit jail/vnet IP configurationShivank Garg2023-07-264-0/+43
* mac: Honor order when registering MAC modules.Steve Kiernan2023-04-181-22/+16
* kdb: Modify securelevel policyMark Johnston2023-03-302-0/+10
* IfAPI: Add if_get/setmaclabel() and use it.Justin Hibbits2023-01-313-18/+18
* vfs: stop using NDFREEMateusz Guzik2022-12-191-3/+4
* Bump MAC_VERSION to 5Allan Jude2022-10-071-1/+2
* vfs: introduce V_PCATCH to stop abusing PCATCHMateusz Guzik2022-09-171-2/+2
* protosw: refactor protosw and domain static declaration and loadGleb Smirnoff2022-08-171-2/+2
* mac: cheaper check for mac_pipe_check_readMateusz Guzik2022-08-173-2/+20
* mac: s/0/false/ in macros denoting probe enablementMateusz Guzik2022-08-111-14/+14
* mac: kdb/ddb framework hooksMitchell Horne2022-07-183-0/+96
* sysent: Get rid of bogus sys/sysent.h include.Dmitry Chagin2022-05-281-1/+0
* vfs: remove the unused thread argument from NDINIT*Mateusz Guzik2021-11-251-2/+2
* mac: cheaper check for ifnet_create_mbuf and ifnet_check_transmitMateusz Guzik2021-06-293-10/+40
* tcp_input/syncache: acquire only read lock on PCB for SYN,!ACK packetsGleb Smirnoff2021-04-121-1/+1
* Add a comment on why the call to mac_vnode_relabel() might be in the wrongRobert Watson2021-02-271-3/+12
* Convert remaining cap_rights_init users to cap_rights_init_oneMateusz Guzik2021-01-121-2/+4
* mac: cheaper check for mac_vnode_check_readlinkMateusz Guzik2021-01-083-2/+20
* cache: combine fast path enabled status into one flagMateusz Guzik2021-01-061-0/+3
* pipe: allow for lockless pipe_statMateusz Guzik2020-11-193-3/+30
* mac_framework.h: fix build with DEBUG_VFS_LOCKS and !MACAndriy Gapon2020-09-031-1/+1
* security: clean up empty lines in .c and .h filesMateusz Guzik2020-09-013-3/+1
* mac: even up all entry points to the same schemeMateusz Guzik2020-08-061-7/+38
* vfs: add a cheaper entry for mac_vnode_check_accessMateusz Guzik2020-08-053-2/+17
* Fix tinderbox build after r363714Mateusz Guzik2020-07-301-0/+8
generated by cgit v1.3 (git 2.53.0) at 2026-03-28 21:51:25 +0000